Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-88p8-4vv5-82j7: xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

xaviershay-dm-rails Gem for Ruby contains a flaw in the execute() function in /datamapper/dm-rails/blob/master/lib/dm-rails/storage.rb. The issue is due to the function exposing sensitive information via the process table. This may allow a local attack to gain access to MySQL credential information.

ghsa
#sql#git#ruby

xaviershay-dm-rails Gem for Ruby exposes sensitive information via the process table

Moderate severity GitHub Reviewed Published Jan 26, 2023 to the GitHub Advisory Database

ghsa: Latest News

GHSA-pj33-75x5-32j4: RabbitMQ HTTP API's queue deletion endpoint does not verify that the user has a required permission